Tuesday, August 02, 2005

Function, role and qualities of Compliance Officer

Where the accountants have failed, a new supervisor is rising: the (Chief) Compliance Officer.

In an article in the Financieele Dagblad (a Dutch newspaper), Edwin Weller, CCO of Robeco (a Dutch Financial Institution) discusses the function, role and qualities a Compliance Officer should have.

He says that the compliance function is an independant function in an advisory role, aimed at controling the risks that are relevant for maintaining or strenghtening the corporate reputation. However, the final responsibility for controling these compliance risks and for the definition of integrity remains a task of the Executive Board.Mr Weller says the main personal qualities of a Compliance Officer are discreetness, objectivity, independence, professionalism, and that he should be experienced in relation to the activities of the corporation.The Compliance Officer should have knowledge about legal, economic, social, operational and commercial aspects and preferably have a legal background.Do you agree that the role of the Chief Compliance Officer is merely an advisory one? Is protecting the corporate reputation his most important goal? Are the mentioned qualities and expertise areas complete?

3 Comments:

Anonymous said...

On the discussion of a Compliance Officer, who would be a better one than a Company Secretary qualified as Chartered Secretary. He /she has been educated and trained in all aspects of corporate governance, law, finance and regulations that are so essential in the governance of companies. However, in most countries corporate law the position of a company secretary is illed defined other that calling him "Officer" of the company which indirectly caused a misconception that the Company Secretary has powers of decision making in company matter. The Company Secretary has no decision making powers saved those of carrying out the wishes of the board and all compliance matters. Very little is said in corporate law of the Company Secretary's duties and functions saved those have been traditionally practised like preparing notices, recording minutes all all the mundane corporate administration. Nowadays a Company Secretary has much more complex work like advisory work with the Chairm,an and the Board of Directors. It's hig time to call the Company Secretary a Compliance Officer by rewording provision in corporate law that affects the position.

I think that we have firstly to clarify the role that the CCO's work has into the firm structure. In fact if we consider a CCO as a subject who has to check periodically the compliance of the executive activities of the firm in order to protect its assets, then he seems to be vey similar to the internal auditing function chief. On the contrary if we consider the CCO as a subject with merely advising function, not provided with any specifical compulsory or proposing power inside the firm, his role becomes nearer to the corporate advising firms one. The difference lies in the different way his work takes place: procedural and regulated in the first case, more free-form and comparable of a consulting service in the second.About the necessity of providing a high protection of the corporate reputation, I obviously think that its steady improvement may be a considerable added value to the corporate assets, and both directors and management should mind it.

This is an interesting discussion. In my experience there are internal and external compliance requirements that are applicable to and within a company. The internal requirements can be related to company’s culture, business model, etc and documented as internal standards, internal rules, or even not documented something that we call folklore but everyone is expected to know and comply with. Similarly the external compliance requirements can be federal requirements (see FISMA) external business partners’ compliance requirements (see VISA PCI) and so on…A CCO’s job usually entails keeping up to date with new and modified compliance requirements: Part of his/her duties are: ensuring that a sound and documented plan for implementing, enforcing, communicating, validating and maintaining compliance requirements exists as well as interfacing with peer risk management members, legal department, and upper management /shareholders council.Securing company’s assets in my experience does not fall under the CCO but under CSO (Chief Security Officer).

If you have any questions please feel free to contact me at rosecurit@rosecurit.eu